PHP is maturing as a language as well as a technology for building a wide range of applications. PHP 7 is coming out this year and it’s more powerful and faster than it ever was. There’s a lot to look forward to, but there’s still plenty of room for improvement for PHP and for us as programmers.
Part of the reason for the PHP hate circlejerk is often explained as being fueled by its inconsistencies and functional shortcomings. This is definitely true for the older versions, but less and less relevant with every new release. The decisions and performance of the core developers are another important contributing factor. The short array syntax, as an example, was proposed in 2003 and implemented only in 2012. But the subject of this post is the incompetence of programmers and programming book authors.
PHP programmers handbook
The first book on PHP I read was printed in 2003. Having a homepage was the hottest thing back then. Thanks to free shared hosting even kids could make a simple website in Microsoft FrontPage, upload it through FTP and marvel at their own creation. Flash buttons and frames weren’t enough for me, so I had to learn a scripting language. The book, examples from which are provided below, focused on PHP 4, but offered advice on comparability with PHP 3. It looked fine for a complete beginner. Revisiting it after so many years is quite entertaining.
The strings
You can use double quotes, you can use single quotes, this book uses accents to encapsulate strings. You can use grave accents (backticks) in PHP to execute commands, but you can’t encapsulate strings with them. Acute accents won’t work either. I have no idea how this made it into the book.
Tabs? Spaces? Nope.
This line alone is amazing for many reasons. No one bothered running the code, before putting it in the book.
Capitalization is inconsistent.
This code was supposed to demonstrate how operator precedence works. The authors of the book didn’t bother saving the result.
The loops
Including a function like count() or sizeof() within a loops execution condition is a bad idea. This expression will be executed with every iteration.
Instead you should use something like this:
|
1 2 |
$count = count($array); for ($i = 0; $i<$count; $i++) {} |
or this:
|
1 |
for ($i = 0, $count = count($array); $i<$count; $i++) {} |
Variables
The names for the variables don’t make any sense.
If they wanted to show and example for a while loop they could have named the variables $i and $max instead of $my and $name. That would make more sense.
The visitor counter
This was my favorite script in the book. It was small, simple and I needed it very much. I copied it, saved and ran it. And it didn’t work. Again no one bothered running the code before including it in the book. Can you find the problem?
Apart from the </php typo, the authors forgot a curly bracket after $counter = 0; .
SQL injection
Here the authors of the book surpassed themselves. Not only is <?php missing after the <body> tag and the $ sign is missing from submit, register_globals is on and no validation or cleaning is performed before inserting a row.
The aftermath
Awful books bred bad programmers who wrote horrible software and more awful books. The momentum was strong and lasted many years. The next PHP book I read was printed in 2005 and still had code with SQL Injections, but at least no more register_globals.
‘mydatebase’, looks like this book was written by Dolan.
Thanks for the entertaining read.
I like how, in the last example, they assigned the database connection to a variable named
$date, and then went on to select the database “mydatebase” [sic!].Thanks for reading.
I was learning to work with MySQL from that book back in 2003. I actually called all my database connection $date for some time thanks to it. It didn’t make much sense, but it worked. Took some time to unlearn what I have learned back then.
I like how they also don’t even care about where – or even if – to place curly braces.
I think the sql injection part is a bigger problem. There are way to many books and tutorials for beginners who learn to use sql in php like this and i know that it is easier but they never metion that it is very unsafe to use it like this.
Nice post, I hate php even though I am writing it.
Now you can use count() directly in a loop condition, PHP doesn’t execute it every times.
Can you provide a source please?
How can you write this post and NOT name the book?!
The name of the book is beside the point. The scans are provided for educational/entertainment purposes.
I’m in agreement here, could you name the book? I’m reading a PHP book right now, and I honestly think this could be the first edition of it (or at least, not far removed). If it is in anyway related, then it shows that PHP books have not improved a whole lot in 10 years (mine is from 2013).
They did improve a lot. The last paper book on PHP I read was printed in 2008 and I don’t have any complaints. Now there are amazing resources online for those wanting to learn.
PHP The Right Way
SourceMaking
PHP must watch
To name a few.
If you’re still interested in this old book from 2003 here’s the ISBN 985-475-014-0.
Just a data point… The PHP book I learned from was copyright 2004 (PHP5 and MySQL Bible [Wiley]). It did a great job of pointing out bad/dangerous practices, and was correct throughout. I guess I was lucky by the sound of things.